Cloud security architecture – from process to deployment

Many of society’s critical functions are already being moved into clouds, and this trend is likely to accelerate. At the same time, security is becoming one of the top concerns for cloud computing.

The ability to withstand, detect, respond to and recover from attacks by malicious parties, or from unintentional security breaches, is seen as a cornerstone for trustworthiness by cloud actors. Trustworthiness is built on transparently ensuring security and privacy for tenants in an evolving environment. Security and privacy will therefore gradually become a business driver, more than a business enabler, on a global scale.

For a cloud service provider, security cannot be a permanent state reached through a one-time effort. Instead, it is a continuous process supported by cloud architecture.

Executing security as a process using the Trust Engine concept enables transparency and proof of compliance with best practices, specifications, standards and regulations. In this way, cloud service providers can offer better security for many customers than the customers are able to provide in their own IT networks.